package com.longbo.leaf.portal.controller;


import com.longbo.leaf.aop.MyLog;
import com.longbo.leaf.common.ApiResponse;
import com.longbo.leaf.dto.UserLoginDTO;
import com.longbo.leaf.dto.UserRegisterDTO;
import com.longbo.leaf.portal.model.User;
import com.longbo.leaf.portal.service.IUserRoleService;
import com.longbo.leaf.portal.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.RestController;

import javax.validation.Valid;
import java.util.List;

/**
 * <p>
 * 用户表 前端控制器
 * </p>
 *
 * @author longbo
 * @since 2021-02-01
 */
@RestController
@RequestMapping("/api/user")
public class UserController {

    @Autowired
    private IUserService userService;

    @Autowired
    private IUserRoleService userRoleService;

    @Autowired(required = false)
    private AuthenticationManager authenticationManager;


    @PreAuthorize("hasAuthority('/select/User')")
    @MyLog(value = "查看所有用户")  //这里添加了AOP的自定义注解
    @RequestMapping("/selectUserAll")
    public Object selectUserAll(){
        List<User> users = userService.selectUserAll();
        return ApiResponse.ofSuccess(users);
    }


    @RequestMapping("/register")
    public Object register(UserRegisterDTO userRegisterDTO){
        userService.userRegister(userRegisterDTO);
        return "注册成功!";
    }

    @PreAuthorize("hasAuthority('/delete/user')")
    @MyLog(value = "删除用户")  //这里添加了AOP的自定义注解
    @RequestMapping("/deleteUser")
    public Object deleteUser(String userId){
        userService.deleteUserByUserId(userId);
        return ApiResponse.ofMessage("刪除角色成功!");
    }

    @PreAuthorize("hasAuthority('/update/updatePermission')")
    @MyLog(value = "修改用户权限")  //这里添加了AOP的自定义注解
    @RequestMapping("/updatePermission")
    public Object updatePermission(Long userId,Long roleId){
     int rows = userService.updateByUserIdAndRoleIdInt(userId,roleId);
        return ApiResponse.ofMessage(rows==1?"修改权限成功!":"修改权限失败!");
    }
}
